Automated execution environments (sometimes referred to as “sandboxes”) are often used to facilitate controlled execution and/or observation of suspicious and/or unknown files. For example, an automated execution environment may execute a file sample to observe whether the file sample exhibits any potentially malicious behaviors. By executing and observing the file sample in this way, the automated execution environment may be able to determine that a file is malicious without exposing the underlying computing platform to certain risks associated with the malicious file.
Unfortunately, while conventional automated execution environments may be able to determine that a file is malicious without exposing the underlying computing platform to certain risks, such environments may still have certain drawbacks and/or inefficiencies. For example, a conventional automated execution environment may be configured to execute a file sample and observe the file sample's behaviors over a 30-minute run time. In this example, not only may the cleanliness of the file sample remain unknown throughout the 30-minute run time, but also the conventional automated execution environment may consume various computing resources that could be utilized by other processes during the 30-minute run time.
The instant disclosure, therefore, identifies and addresses a need for additional and improved systems and methods for accelerating malware analyses in automated execution environments.